visible() */ #[Fillable(['priority'])] class Role extends SpatieRole { use LogsActivity; public function apps(): BelongsToMany { return $this->belongsToMany( ConnectedApp::class, 'app_roles', 'role_id', 'app_id' ) ->using(AppRole::class) ->withPivot('id', 'duration'); } public function getActivitylogOptions(): LogOptions { return LogOptions::defaults() ->logOnly(['name', 'priority']) ->logOnlyDirty() ->useLogName('role_management'); } /** * Override the Spatie permissions relationship to provide precise type-hinting for Larastan. * * @return BelongsToMany */ public function permissions(): BelongsToMany { return parent::permissions(); } /** * Scope a query to only include roles with priority strictly greater than the logged in user's priority (lower privilege). */ public function scopeVisible(Builder $query): Builder { if (! auth()->check()) { return $query; } $userPriority = auth()->user()?->roles()->min('priority') ?? 999999; return $query->where('priority', '>', $userPriority); } }